从该网页截图中可以获取到以下关于漏洞的关键信息: Title: - FIT2CLOUD SQLBot 1.3.0 Broken Function Level Authorization Description: - SQLBot 1.3.0 and earlier versions have a broken access control vulnerability in backend/api/system/api/user.py, allowing any authenticated user (regardless of role) to perform privileged operations like creating, modifying, deleting users, and viewing sensitive information. Source: - https://github.com/yaowenxia0721/Poc/blob/main/SQLBot/SQLBot-User-Management-Broken-Access-Control.md User: - yaowenxia0 (UID 82929) Submission Date: - 12/04/2025 10:03 AM Moderation Date: - 03/01/2026 07:30 AM Status: - Accepted VulDB Entry: - 348291 - [Dataeasel bot up to 1.4.0 API endpoint access control] Points: - 18